cvedb.io
CVE-2015-5162
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2016-10-07T14:59:01.520 · Last modified 2026-06-17T00:28:35.223

Summary

The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.

Affected products

openstack — cinder

Does this affect you?

Add your gear to cvedb and we'll alert you only when openstack ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.